Commits on Source (6)
follow security team for binutils · e58a341d · Thorsten Alteholz authored Jun 27, 2018
follow security team for devscripts · 695f3274 · Thorsten Alteholz authored Jun 27, 2018
follow security team for exempi · bbc6501c · Thorsten Alteholz authored Jun 27, 2018
follow security team for libpff · 05f0e8ac · Thorsten Alteholz authored Jun 27, 2018
follow security team for libquazip · c873a81a · Thorsten Alteholz authored Jun 27, 2018
follow security team for libtomcrypt · 27c9acad · Thorsten Alteholz authored Jun 27, 2018
data/CVE/list
...
...
@@ -47,6 +47,7 @@ CVE-2018-1000205 (U-Boot contains a CWE-20: Improper Input Validation vulnerabil
CVE-2018-XXXX [grep-excuses: uses YAML::Syck in a unsafe way]
- devscripts <unfixed> (low; bug #902409)
[stretch] - devscripts <no-dsa> (Minor issue)
[jessie] - devscripts <no-dsa> (Minor issue)
CVE-2018-1000610 (A exposure of sensitive information vulnerability exists in Jenkins ...)
NOT-FOR-US: Jenkins plugin
CVE-2018-1000609 (A exposure of sensitive information vulnerability exists in Jenkins ...)
...
...
@@ -450,21 +451,25 @@ CVE-2018-12701
CVE-2018-12700 (A Stack Exhaustion issue was discovered in debug_write_type in debug.c ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
CVE-2018-12699 (finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
CVE-2018-12698 (demangle_template in cplus-dem.c in GNU libiberty, as distributed in ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
CVE-2018-12697 (A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) ...)
- binutils <unfixed> (low)
[stretch] - binutils <ignored> (Minor issue)
[jessie] - binutils <ignored> (Minor issue)
NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23057
CVE-2018-12696 (mao10cms 6 allows XSS via the article page. ...)
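Review bot: the four `[jessie] - binutils <ignored> (Minor issue)` lines (CVE-2018-12697 through CVE-2018-12700) use `<ignored>`, while every other package touched in this series is marked `<no-dsa>`. In the tracker `<ignored>` records that the issue will not be fixed in that release, whereas `<no-dsa>` leaves a later fix open, so please confirm that the stronger state is intended for jessie and is not only carried over from the stretch lines. A reason more specific than "Minor issue" would also help, since the four entries cover different defects (stack exhaustion in debug_write_type, finish_stab, demangle_template, a NULL pointer dereference) yet share one justification and the same two NOTE links.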
...
...
@@ -567,6 +572,7 @@ CVE-2018-12649 (An issue was discovered in app/Controller/UsersController.php in
CVE-2018-12648 (The WEBP::GetLE32 function in ...)
- exempi <unfixed> (low; bug #902175)
[stretch] - exempi <no-dsa> (Minor issue)
[jessie] - exempi <no-dsa> (Minor issue)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=106981
CVE-2018-12647
RESERVED
...
...
@@ -1297,6 +1303,7 @@ CVE-2018-12438 (The Elliptic Curve Cryptography library (aka sunec or libsunec)
CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ...)
- libtomcrypt <unfixed> (low; bug #901626)
[stretch] - libtomcrypt <no-dsa> (Minor issue)
[jessie] - libtomcrypt <no-dsa> (Minor issue)
NOTE: https://github.com/libtom/libtomcrypt/issues/407
CVE-2018-12436 (wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a ...)
- wolfssl <unfixed> (bug #901627)
...
...
@@ -2718,6 +2725,7 @@ CVE-2018-12066 (BIRD Internet Routing Daemon before 1.6.4 allows local users to
CVE-2018-1002209 [arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file]
- libquazip <unfixed>
[stretch] - libquazip <no-dsa> (Minor issue)
[jessie] - libquazip <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1593011
TODO: further checks, should be fixedin 0.7.6
CVE-2018-1002204 [nodejs-adm-zip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file]
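Review bot: `[jessie] - libquazip <no-dsa> (Minor issue)` classifies as minor an entry whose own description is arbitrary file write / arbitrary code execution using a specially crafted zip file, and the `TODO: further checks` line directly below it is still open. The `- libquazip <unfixed>` line also carries no severity or bug number, unlike the devscripts, exempi, libtomcrypt and libpff entries in this series. Suggest resolving the TODO before triaging jessie, or replacing "Minor issue" with a reason that states why the impact is limited there.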
...
...
@@ -2993,6 +3001,7 @@ CVE-2018-11724 (The mobi_pk1_decrypt function in encryption.c in Libmobi 0.3 all
CVE-2018-11723 (The libpff_name_to_id_map_entry_read function in ...)
- libpff <unfixed> (low; bug #901967)
[stretch] - libpff <no-dsa> (Minor issue)
[jessie] - libpff <no-dsa> (Minor issue)
NOTE: http://seclists.org/fulldisclosure/2018/Jun/15
CVE-2018-11722 (WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' ...)
NOT-FOR-US: WUZHI CMS